Merge pull request #16 from MohamedHamed12/account

Account
MohamedHamed12 · May 11, 2024 · f14eacd · f14eacd
2 parents c016733 + 1c5a53a
commit f14eacd
Show file tree

Hide file tree

Showing 14 changed files with 419 additions and 308 deletions.
diff --git a/project/accounts/filters/__init__.py b/project/accounts/filters/__init__.py
@@ -45,4 +45,14 @@ class Meta:
             'experience_years': ['exact'],
             'work_days': ['exact'],
             'license_number': ['exact'],
+        }
+
+class EmployeeFilter(filters.FilterSet):
+    class Meta:
+        model = Employee
+        fields = {
+            'user': ['exact'],
+            'national_id': ['exact'],
+            'full_name': ['exact'],
+            'created_at': ['year', 'month', 'day'],
         }
diff --git a/project/accounts/permissions.py b/project/accounts/permissions.py
@@ -3,17 +3,23 @@
 from rest_framework.permissions import SAFE_METHODS, BasePermission
 
 
-class StaffPermission(BasePermission):
-
 
+class CustomPermission(BasePermission):
     def has_permission(self, request, view):
-        return   request.user.is_staff
-
+        # Check if the user is an admin
+        if request.user and request.user.is_superuser:
+            return True
+
+        if request.method in SAFE_METHODS:
+            return True
+        return False
 
-class OwnPermission(BasePermission):
+    def has_object_permission(self, request, view, obj):
+        if request.user and request.user.is_superuser:
+            return True
 
-    def has_permission(self, request, view):
-        if   request.user.is_staff:
+        if request.method in SAFE_METHODS:
             return True
-        if view.action == 'retrieve':
-            return request.user.is_authenticated and request.user == view.get_object().user
+        return False
+
+
diff --git a/project/accounts/services/services.py b/project/accounts/services/services.py
@@ -1,53 +1,2 @@
-from accounts.models import Employee, Patient , Doctor
-from django.contrib.auth import get_user_model
-from rest_framework import status
-from rest_framework.response import Response
+from accounts.models.doctor import Doctor
 
-User = get_user_model()
-
-
-
-def create_user(request_data):
-    try:
-        national_id = request_data['national_id']
-    except:
-        return "national_id is required", None
-    try:
-        user = User.objects.create_user(username=national_id, password=national_id)
-        return "created" ,user 
-    except :
-        return "national_id already exists", None
-
-
-
-
-
-
-
-def update_model(modelClass, model_data,SerializerClass):
-    instance = modelClass.objects.get(id=model_data['id'])
-    serializer =  SerializerClass( instance=instance, data=model_data, partial=True)
-    if not serializer.is_valid():
-        return serializer.errors , "not valid"
-    serializer.save()
-    return SerializerClass(instance).data ,"updated"
-
-
-def postion_update(instance,request_data,SerializerClass):
-
-
-    serializer  =SerializerClass(instance= instance,data=request_data, partial=True)
-    if not serializer .is_valid():
-        return Response(serializer .errors, status=status.HTTP_400_BAD_REQUEST)
-    serializer .save()
-
-
-    for field in request_data:
-        if field not in  serializer_map :   continue
-        serializer_class = serializer_map.get(field)
-
-        model_instance = model_map.get(field)
-        update_data,massage = update_model(model_instance, request_data[field],serializer_class)
-        if massage!="updated":   return Response( update_data, status=status.HTTP_400_BAD_REQUEST)
-
-    return Response(SerializerClass(serializer.instance).data, status=status.HTTP_200_OK)
diff --git a/project/accounts/tests/test_patient.py b/project/accounts/tests/test_patient.py
@@ -96,105 +96,6 @@ def test_update_patient(self):
         self.assertEqual(response.data['address']['city'], 'test2')
 
 
-class PatientPermissionTest(TestSetup):
-    def setUp(self) -> None:
-        super().setUp()
-
-        self.staff, self.staff_token = self.create_staff()
-        self.patient, self.patient_token = self.create_patient(
-            self.staff_token)
-
-    def test_create_patient(self):
-        data = {
-
-                'marital_status': 'test',
-                'nationality': 'test',
-                'full_name': 'test',
-                'national_id': '012345678901234',
-                'date_of_birth': '2000-01-01',
-                'gender': 'M',
-                'disease_type': 'test',
-                'blood_type': 'test',
-                'address': {
-                    'street': 'test',
-                    'city': 'test',
-                    'governorate': 'test'
-                },
-                'phone': {
-                    'mobile': 'test'
-                }
-
-
-
-        }
-        url = f'/accounts/patient/'
-        response = self.client.post(url, data, format='json')
-        # print(response.data)
-        self.assertEqual(response.status_code, 401)
-
-        response = self.client.post(
-            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)
-        self.assertEqual(response.status_code, 403)
-
-        # self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
-        response = self.client.post(
-            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
-        self.assertEqual(response.status_code, 201)
-        self.assertEqual(response.data['full_name'], 'test')
-        # self.assertEqual(response.data['address'][0]['street'], 'test')
-        self.assertEqual(response.data['address']['street'], 'test')
-
-        self.assertEqual(Patient.objects.get(national_id='012345678901234').full_name, 'test')
-
-    def test_update_patient(self):
-
-        url = f'/accounts/patient/{self.patient["id"]}/'
-        data = {
-
-
-
-                'id': self.patient['id'],
-                'marital_status': 'test',
-                'nationality': 'test',
-                'full_name': 'test2',
-                'national_id': '012345678901235',
-                'date_of_birth': '2000-01-01',
-                'gender': 'M',
-                'disease_type': 'test',
-                'blood_type': 'test',
-                # 'image': None,
-                'address': {
-                    # 'id': Address.objects.get(user=self.patient['user']).id,
-                    'street': 'test',
-                    'city': 'test2',
-                    'governorate': 'test'
-                },
-                'phone': {
-                    # 'id': Phone.objects.get(user=self.patient['user']).id,
-                    'mobile': 'test2'
-                }
-
-
-
-        }
-
-        # url = f'/accounts/patient/'
-        response = self.client.patch(url, data, format='json')
-        self.assertEqual(response.status_code, 401)
-
-        response = self.client.patch(
-            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)
-        self.assertEqual(response.status_code, 403)
-
-        response = self.client.patch(
-            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
-        # print(response.data)
-        self.assertEqual(response.status_code, 200)
-        self.assertEqual(response.data['full_name'], 'test2')
-        # self.assertEqual(response.data['address'][0]['city'], 'test2')
-        self.assertEqual(response.data['address']['city'], 'test2')
-
-
 def create_image_test():
     if os.path.exists("test_image.jpg"):
         return
@@ -284,7 +185,9 @@ def test_create_patient(self):
     def test_list_patients(self):
         response = self.client.get(
             self.url, format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)
-        self.assertEqual(response.status_code, 403)
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(len(response.data), 1)
+        # self.assertEqual(response.status_code, 403)
     def test_get_patient(self):
         response = self.client.get(
             self.url+f'{self.patient["id"]}/', format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)

diff --git a/project/accounts/tests/test_permissions.py b/project/accounts/tests/test_permissions.py
@@ -0,0 +1,118 @@
+from accounts.tests.test_setup import *
+from accounts.models import *
+
+
+
+class PatientPermissionTest(TestSetup):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.staff, self.staff_token = self.create_staff()
+        self.patient, self.patient_token = self.create_patient(
+            self.staff_token)
+        self.patient2, self.patient_token2 = self.create_patient(
+            self.staff_token,national_id='10123456789012345')
+        self.patient3, self.patient_token3 = self.create_patient(
+            self.staff_token,national_id='20123456789012345')
+        self.doctor, self.doctor_token = self.create_doctor(
+            self.staff_token,national_id='30123456789012345')
+        self.visit = self.create_visit(
+            self.staff_token, doctors_ids=[self.doctor['id']], patient_id=self.patient['id'])
+        self.visit2 = self.create_visit(
+            self.staff_token, doctors_ids=[self.doctor['id']], patient_id=self.patient2['id'])
+    def test_create_patient(self):
+        data = {
+
+                'marital_status': 'test',
+                'nationality': 'test',
+                'full_name': 'test',
+                'national_id': '012345678901234',
+                'date_of_birth': '2000-01-01',
+                'gender': 'M',
+                'disease_type': 'test',
+                'blood_type': 'test',
+                'address': {
+                    'street': 'test',
+                    'city': 'test',
+                    'governorate': 'test'
+                },
+                'phone': {
+                    'mobile': 'test'
+                }
+
+
+
+        }
+        url = f'/accounts/patient/'
+        response = self.client.post(url, data, format='json')
+        # print(response.data)
+        self.assertEqual(response.status_code, 401)
+
+        response = self.client.post(
+            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)
+        self.assertEqual(response.status_code, 403)
+
+        # self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
+        response = self.client.post(
+            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
+        self.assertEqual(response.status_code, 201)
+        self.assertEqual(response.data['full_name'], 'test')
+        # self.assertEqual(response.data['address'][0]['street'], 'test')
+        self.assertEqual(response.data['address']['street'], 'test')
+
+        self.assertEqual(Patient.objects.get(national_id='012345678901234').full_name, 'test')
+
+    def test_update_patient(self):
+
+        url = f'/accounts/patient/{self.patient["id"]}/'
+        data = {
+
+
+
+                'id': self.patient['id'],
+                'marital_status': 'test',
+                'nationality': 'test',
+                'full_name': 'test2',
+                'national_id': '012345678901235',
+                'date_of_birth': '2000-01-01',
+                'gender': 'M',
+                'disease_type': 'test',
+                'blood_type': 'test',
+                # 'image': None,
+                'address': {
+                    # 'id': Address.objects.get(user=self.patient['user']).id,
+                    'street': 'test',
+                    'city': 'test2',
+                    'governorate': 'test'
+                },
+                'phone': {
+                    # 'id': Phone.objects.get(user=self.patient['user']).id,
+                    'mobile': 'test2'
+                }
+
+
+
+        }
+
+        # url = f'/accounts/patient/'
+        response = self.client.patch(url, data, format='json')
+        self.assertEqual(response.status_code, 401)
+
+        response = self.client.patch(
+            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.patient_token)
+        self.assertEqual(response.status_code, 403)
+
+        response = self.client.patch(
+            url, data, format='json', HTTP_AUTHORIZATION='Bearer ' + self.staff_token)
+        # print(response.data)
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.data['full_name'], 'test2')
+        # self.assertEqual(response.data['address'][0]['city'], 'test2')
+        self.assertEqual(response.data['address']['city'], 'test2')
+    def test_doctor_patients(self):
+
+        response = self.client.get(
+            '/accounts/patient/', HTTP_AUTHORIZATION='Bearer ' + self.doctor_token)
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(len(response.data), 2)
+